PEM pass phrase: - a long and secure (not a simple) password
Country Name: - a two letter code for your country (swiss = CH; netherlands = NL, …)
State or Province Name: - the province you live in (optional)
Locality Name: - the city you live in (optional)
Organization Name: - (optional)
Organizational Unit Name: - (optional)
Common Name: - The complete domain, for what you are creating the certificate. In this case "localhost"
The correct entry is important, because the here choosen name is verified later!!!

Email Address - (optional)
A challenge password - This attribut you can ignore, because we will sign our certificate by ourself.
An optional company name - (optional)

As next step we will remove the passphrase/password from the private key and save it in a new file.

Code:

openssl rsa -in localhost.pem -out localhost.key

At least we will generate our own certificate. Usually this is done by a CA, but in our case we are our own CA.

> If you want to generate one certificate for multiple servernames,
this can be done with an additional "multidomain.cnf" file, in which
the needed information has been placed before. This file can be
included: